Archive for November, 2008

How can I recover a bad superblock from a corrupted ext3 partition?

I’m getting the following error:

/dev/sda2: Input/output error
mount: /dev/sda2: can’t read superblock

How do I fix this error?

A. Linux ext2/3 filesystems store backup copies of the superblock at several locations, so it is possible to get data back from a corrupted partition.
WARNING! Make sure the file system is UNMOUNTED.

If your system will give you a terminal, type the following command; otherwise boot the Linux system from a rescue disk (boot from the 1st CD/DVD and, at the boot: prompt, type the command linux rescue).
Mount partition using alternate superblock

Find out the superblock locations for /dev/sda2:
# dumpe2fs /dev/sda2 | grep superblock
Sample output:

Primary superblock at 0, Group descriptors at 1-6
Backup superblock at 32768, Group descriptors at 32769-32774
Backup superblock at 98304, Group descriptors at 98305-98310
Backup superblock at 163840, Group descriptors at 163841-163846
Backup superblock at 229376, Group descriptors at 229377-229382
Backup superblock at 294912, Group descriptors at 294913-294918
Backup superblock at 819200, Group descriptors at 819201-819206
Backup superblock at 884736, Group descriptors at 884737-884742
Backup superblock at 1605632, Group descriptors at 1605633-1605638
Backup superblock at 2654208, Group descriptors at 2654209-2654214
Backup superblock at 4096000, Group descriptors at 4096001-4096006
Backup superblock at 7962624, Group descriptors at 7962625-7962630
Backup superblock at 11239424, Group descriptors at 11239425-11239430
Backup superblock at 20480000, Group descriptors at 20480001-20480006
Backup superblock at 23887872, Group descriptors at 23887873-23887878

Now check and repair the Linux file system using alternate superblock # 32768:
# fsck -b 32768 /dev/sda2
Sample output:

fsck 1.40.2 (12-Jul-2007)
e2fsck 1.40.2 (12-Jul-2007)
/dev/sda2 was not cleanly unmounted, check forced.
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
Free blocks count wrong for group #241 (32254, counted=32253).
Fix? yes

Free blocks count wrong for group #362 (32254, counted=32248).
Fix? yes

Free blocks count wrong for group #368 (32254, counted=27774).
Fix? yes
……….
/dev/sda2: ***** FILE SYSTEM WAS MODIFIED *****
/dev/sda2: 59586/30539776 files (0.6% non-contiguous), 3604682/61059048 blocks

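Now try to mount the file system using the mount command:
# mount /dev/sda2 /mnt
You can also mount the partition using the backup superblock stored at 32768. The superblock is passed with -o, and mount's sb= option counts in 1 KiB units, so on this file system with 4 KiB blocks, block 32768 is given as sb=131072 (32768 x 4):
# mount -o sb={alternative-superblock} /dev/device /mnt
# mount -o sb=131072 /dev/sda2 /mnt
Try to browse and access the file system: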
# cd /mnt
# mkdir test
# ls -l
# cp file /path/to/safe/location

You should always keep a backup of all important data, including configuration files.

netstat: commands to find attackers…

This is useful to find out whether your server is under attack. You can also list abusive IP addresses using this method. The first command counts connections by TCP state:

netstat -nat | awk '{print $6}' | sort | uniq -c | sort -n

Dig out more information about a specific IP address:

netstat -nat | grep {IP-address} | awk '{print $6}' | sort | uniq -c | sort -n

A busy server can give out more information:

netstat -nat | grep 202.54.1.10 | awk '{print $6}' | sort | uniq -c | sort -n

To print a list of all unique IP addresses connected to the server, enter (the sort is needed because uniq only collapses adjacent duplicates):

netstat -nat | awk '{print $5}' | cut -d: -f1 | sed -e '/^$/d' | sort | uniq

To print the total number of unique IP addresses, enter:

netstat -nat | awk '{print $5}' | cut -d: -f1 | sed -e '/^$/d' | sort | uniq | wc -l

If you think your Linux box is under attack, print a list of open connections on your box, counted and sorted by IP address:

netstat -atun | awk '{print $5}' | cut -d: -f1 | sed -e '/^$/d' | sort | uniq -c | sort -n
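
The per-address counting above, extended as an added example that is not part of the original post: `cut -d: -f1` cuts an IPv6 address at its first colon and returns nothing for IPv4-mapped peers such as ::ffff:203.0.113.7, so this version strips only the trailing port and also breaks the count down by state. The function names, the sample input (constructed, documentation address ranges) and the threshold of 3 are assumptions for illustration.

```shell
#!/bin/sh
# Added example: count connections per remote address and state from
# `netstat -atun` output on stdin, without breaking on IPv6 addresses.

# Constructed sample (documentation address ranges) so this runs offline.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           203.0.113.7:51514       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.7:51515       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.7:51516       SYN_RECV
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:203.0.113.7:51517 SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.23:40022     ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.23:40023     TIME_WAIT
tcp6       0      0 2001:db8::10:443        2001:db8::beef:60100    ESTABLISHED
udp        0      0 0.0.0.0:68              0.0.0.0:*
EOF
}

# conn_summary: prints "count address state", busiest first.
conn_summary() {
  awk '
    $1 ~ /^(tcp|udp)/ && $5 !~ /:\*$/ {   # skip headers and listening sockets
      addr = $5
      sub(/:[^:]*$/, "", addr)            # drop only the trailing :port
      sub(/^::ffff:/, "", addr)           # fold IPv4-mapped IPv6 into IPv4
      state = (NF >= 6 ? $6 : "-")        # unconnected UDP has no state column
      n[addr " " state]++
    }
    END { for (k in n) print n[k], k }' | LC_ALL=C sort -k1,1nr -k2,2 -k3,3
}

# flag_sources MIN STATE: addresses with at least MIN connections in STATE.
flag_sources() {
  conn_summary | awk -v min="$1" -v st="$2" '$3 == st && $1 + 0 >= min + 0 { print $2, $1 }'
}

sample_netstat | conn_summary
echo "--- sources with 3 or more SYN_RECV connections:"
sample_netstat | flag_sources 3 SYN_RECV
```

On a live host, pipe `netstat -atun` into `conn_summary` instead of the sample; a single source holding many SYN_RECV entries is the pattern worth a closer look.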

Display Summary Statistics for Each Protocol

Simply use netstat -s:

netstat -s | less

netstat -t -s | less

netstat -u -s | less

netstat -w -s | less

netstat -s

You can easily display dropped and total transmitted packets with netstat for eth0:

netstat --interfaces=eth0